5

I'm playing with Contiki (O.S. for constrained devices such as sensors and micro-controllers) and particularly with the AES encryption in software (the one available in Contiki source code).

I'm trying to complete the code by adding the decryption operation, but I'm confused with the inverse MixColumns operation. They are using the paper Lightweight MixColumns for it (because it can reduce the number of XOR gates in hardware). On page 257 they state that:

Inverse MixColumns hardware optimization

QUESTION: Would it be correct to say that the first line is equivalent to the following code? (inspired by a similar question):

    // buf1 * 9 = (((buf1 x2) x2) x2) + buf1
    buf1 = state[buf4] ^ state[buf4 + 1] ^ state[buf4 + 2] ^ state[buf4 + 3];
    buf2 = galois_mul2(buf1);
    buf2 = galois_mul2(buf2);
    buf1 = galois_mul2(buf2) ^ buf1;

Currently, my decryption function is not working, but I'm not sure if it's because I'm screwing up in another part of the code or at this point.

RFuentess

1 Answer

2

Many thanks to everyone. When I was originally reading the FIPS 197 document I made one big mistake: I assumed that appendix C had only the cipher portion, similar to appendix B, and missed the decipher portions.

Answering my own question: yes, the translation of the variable temp to the one I proposed initially was correct. However, my error came from another part: for ciphering, you can save the results directly in the state array, but for decryption you need 3 more auxiliary variables.

I'll clean the code a little more and try to suggest an update to the Contiki repository with my part.

Again, many thanks to everyone for guiding this misled soul.

RFuentess
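As an added illustration (not code from the post, the paper or Contiki), the sketch below builds inverse MixColumns for one column from the "times 9" term in the question, using the algebraic identity b[i] = 9·t ^ 4·(a[i]^a[i+2]) ^ 2·(a[i]^a[i+1]) ^ a[i], which matches the FIPS 197 coefficients 0e, 0b, 0d, 09. Only `galois_mul2` is a name from the question; every other name is an assumption, and the column is copied first so no output byte overwrites an input that is still needed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Multiply by 2 in GF(2^8), reducing by the AES polynomial (0x11b). */
static uint8_t galois_mul2(uint8_t v)
{
    return (uint8_t)((v << 1) ^ ((v & 0x80) ? 0x1b : 0x00));
}

/* Forward MixColumns, one column: b[i] = t ^ 2*(a[i]^a[i+1]) ^ a[i]. */
void mix_column(uint8_t col[4])
{
    uint8_t a[4], t;
    memcpy(a, col, 4);
    t = a[0] ^ a[1] ^ a[2] ^ a[3];
    for (int i = 0; i < 4; i++)
        col[i] = t ^ galois_mul2(a[i] ^ a[(i + 1) & 3]) ^ a[i];
}

/* Inverse MixColumns, one column. Coefficients per output byte are
 * 9^4^2^1 = 0e, 9^2 = 0b, 9^4 = 0d and 9, as in FIPS 197. */
void inv_mix_column(uint8_t col[4])
{
    uint8_t a[4], t, t9;
    memcpy(a, col, 4);             /* read inputs from a copy, not in place */
    t = a[0] ^ a[1] ^ a[2] ^ a[3];
    t9 = galois_mul2(galois_mul2(galois_mul2(t))) ^ t;   /* 9 * t */
    for (int i = 0; i < 4; i++) {
        uint8_t m2 = galois_mul2(a[i] ^ a[(i + 1) & 3]);
        uint8_t m4 = galois_mul2(galois_mul2(a[i] ^ a[(i + 2) & 3]));
        col[i] = t9 ^ m4 ^ m2 ^ a[i];
    }
}

/* Hypothetical helpers: run a transform on a column packed as a 32-bit word. */
static uint32_t apply_word(void (*f)(uint8_t *), uint32_t w)
{
    uint8_t c[4] = { (uint8_t)(w >> 24), (uint8_t)(w >> 16), (uint8_t)(w >> 8), (uint8_t)w };
    f(c);
    return ((uint32_t)c[0] << 24) | ((uint32_t)c[1] << 16) | ((uint32_t)c[2] << 8) | c[3];
}
uint32_t mix_column_word(uint32_t w) { return apply_word(mix_column, w); }
uint32_t inv_mix_column_word(uint32_t w) { return apply_word(inv_mix_column, w); }

int main(void)
{
    printf("%08x\n", (unsigned)inv_mix_column_word(0x8e4da1bcu));
    return 0;
}
```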